On March 2, 2021, Virginia passed the Consumer Data Protection Act (CDPA). The CDPA imposes obligations on businesses handling the Personal Data of Virginia consumers and goes into effect on January 1, 2023. Virginia follows in the footsteps of California, which implemented the California Consumer Privacy Act (CCPA) in January of 2020. Who Does CDPA … Continue Reading
The Californians for Consumer Privacy group is continuing to push for increased rights regarding consumer data through the California Privacy Rights Act (CPRA), a measure that would expand the rights granted under the existing California Consumer Privacy Act (CCPA), which was effective on January 1 of this year. On June 24, the California Secretary of … Continue Reading
Enforcement of the California Consumer Privacy Act (CCPA) is set to begin on July 1, 2020. The global pandemic has many companies urging the California Attorney General (AG) to delay enforcement until 2021, since testing CCPA-compliant platforms can be much more difficult when IT teams cannot work on site. The California AG, however, has declined … Continue Reading
Remote work is a mandate for many companies during the coronavirus (“COVID-19”) pandemic. With so many employees working from home, companies face increasing privacy and data security challenges as they conduct business remotely while attempting to protect sensitive data from unauthorized access and use. Organizations must ensure that they are implementing the proper security and … Continue Reading
Shortly after the proposed Washington Privacy Act (SB 5367) failed to pass the legislature, Washington is now set to revise its existing data breach law. HB 1071, which passed the legislature on April 22, 2019 and is awaiting the Governor’s signature, would substantially expand the definition of personal information, impose new breach notification requirements such … Continue Reading
Another state may join the movement towards adopting General Data Protection Regulation (GDPR)-like privacy protections. A new privacy bill was introduced in the Washington Legislature on January 17, 2019, called the Washington Privacy Act (SB 5376). The Act would give consumers rights that are similar to those under the GDPR, such as the right to … Continue Reading
California has enacted the nation’s first law regulating Internet of Things (IoT) devices, which was signed by Governor Jerry Brown on September 28, 2018. IoT refers to the rapidly-expanding world of internet-connected objects such as home security systems, video monitors, enterprise devices that track packages and vehicles, health monitors, connected cars, smart city devices that … Continue Reading
Since the EU’s General Data Protection Regulation (GDPR) went into effect, we have been anxiously awaiting enforcement activities that would indicate regulator priorities. The waiting is over. It was recently reported that the UK Information Commissioner’s Office (ICO) issued an Enforcement Notice to AggregateIQ Data Services (AIQ) on July 6, 2018. Although the Enforcement Notice … Continue Reading
Educational technology (“EdTech”) such as unified communications programs, educational software, and networked devices has become an integral part of education due to its ability to help educators, students, and institutions manage information, provide educational materials, and improve administrative functions. But the FBI is now warning of the data privacy risks associated with EdTech. The FBI … Continue Reading
by Leila Javanshir, Miller Nash Graham & Dunn 2018 Summer Associate On June 28, 2018, yet another new law hit the data privacy world that will impact the ways companies around the world will handle their data. The implementation of the California Consumer Privacy Act (CCPA) is a landmark moment for consumers and businesses alike. … Continue Reading
Who: United States businesses that process (i.e., collect, store, or transmit) the personal information of EU residents in connection with offering goods or services in the EU (online or otherwise) are subject to the GDPR, regardless of whether the business has any physical presence in the EU or any payment is made by the EU … Continue Reading
On May 25, 2017, Oregon Governor Kate Brown signed into law H.B. 2090. This new law will make materially inaccurate claims related to the collection, use, disclosure, maintenance, and disposal of consumer data an unlawful trade practice subject to enforcement by the Attorney General. The law applies not only to claims made on websites (privacy … Continue Reading
